Thanks Anthony, it works !
Yes i know, i will use the same security which was used before (was in PHP)
but i know how to use this in python now.
Thx again :)
Le mercredi 16 décembre 2015 16:19:25 UTC+1, Anthony a écrit :
>
> Always use Python to build your paths:
>
> import os
> filepath = os.path.join(request.folder, 'view', 'pictures', filename)
>
> Again, don't just use the filename provided by the user, as that is a
> security vulnerability.
>
> Anthony
>
> On Wednesday, December 16, 2015 at 10:13:10 AM UTC-5, Adrien wrote:
>>
>> For the path, i just don't write my path but it works only when i used
>> the all path (from C:/ to my folder pictures like
>> "C:/Adrien/web2py/applications/myApp/view/pictures/", don't know how to
>> write only "pictures/"). So if i can resolve this and find how to change
>> the filename, it's good and my problem will be fix.
>>
>> For SQLFORM.factory : i already have a form divided in many html table
>> with an anchor for each table, and i don't know how to do the same thing
>> with the factory.
>>
>> Someone know how to fix the problem with the path and the filename ?
>>
>> Thx guys !
>>
>> Le mercredi 16 décembre 2015 15:55:26 UTC+1, Anthony a écrit :
>>>
>>> On Wednesday, December 16, 2015 at 4:53:41 AM UTC-5, xmarx wrote:
>>>>
>>>> in controller:
>>>>
>>>> def index():
>>>> import os
>>>> form=SQLFORM.factory(Field('name'),Field('file',
>>>> 'upload',uploadfolder=os.path.join(request.folder,'uploads')))
>>>> if form.process().accepted:
>>>> request.flash='file uploaded!'
>>>> return dict(form=form)
>>>>
>>>>
>>> The only problem with using SQLFORM.factory to handle file uploads is
>>> that it will use the DAL upload mechanism to rename the file (including a
>>> random UUID segment). Because there is no database table storing the new
>>> filename, it will now be difficult to retrieve the file, as you will not
>>> know the filename (you would have to scan the whole directory and decode
>>> all of the base-16-encoded parts of the filenames to retrieve the original
>>> filenames).
>>>
>>> Anthony
>>>
>>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
